Information flow analysis for file systems and databases using labels

Ehud Gudes; Luigi V. Mancini; Francesco Parisi-Presicce

doi:10.1007/1-4020-8128-6_9

Information flow analysis for file systems and databases using labels

Ehud Gudes, Luigi V. Mancini, Francesco Parisi-Presicce

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

The control of information flow has been used to address problems concerning the privacy and the secrecy of data. A model based on decentralized labels extends traditional multilevel security models by allowing users to declassify information in a distributed way. We extend this decentralized labels model developed by other authors by addressing specific issues that arise in accessing files and databases and in general in I/O operations. While retaining the support for static analysis, we also include run-time checks to allow declassification with "controlled information leakage".

Original language	English
Title of host publication	Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security
Publisher	Springer New York LLC
Pages	125-141
Number of pages	17
ISBN (Print)	1402081278, 9781402081279
DOIs	https://doi.org/10.1007/1-4020-8128-6_9
State	Published - 1 Jan 2004
Event	IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security - Sitges, Catalonia, Spain Duration: 25 Jul 2004 → 28 Jul 2004

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	144
ISSN (Print)	1868-4238

Conference

Conference	IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security
Country/Territory	Spain
City	Sitges, Catalonia
Period	25/07/04 → 28/07/04

ASJC Scopus subject areas

Information Systems
Computer Networks and Communications
Information Systems and Management

Access to Document

10.1007/1-4020-8128-6_9

Cite this

Gudes, E., Mancini, L. V., & Parisi-Presicce, F. (2004). Information flow analysis for file systems and databases using labels. In Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security (pp. 125-141). (IFIP Advances in Information and Communication Technology; Vol. 144). Springer New York LLC. https://doi.org/10.1007/1-4020-8128-6_9

Gudes, Ehud ; Mancini, Luigi V. ; Parisi-Presicce, Francesco. / Information flow analysis for file systems and databases using labels. Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security. Springer New York LLC, 2004. pp. 125-141 (IFIP Advances in Information and Communication Technology).

@inproceedings{5e9fcd5a72394971aa42d0c40f81eba1,

title = "Information flow analysis for file systems and databases using labels",

abstract = "The control of information flow has been used to address problems concerning the privacy and the secrecy of data. A model based on decentralized labels extends traditional multilevel security models by allowing users to declassify information in a distributed way. We extend this decentralized labels model developed by other authors by addressing specific issues that arise in accessing files and databases and in general in I/O operations. While retaining the support for static analysis, we also include run-time checks to allow declassification with {"}controlled information leakage{"}.",

author = "Ehud Gudes and Mancini, {Luigi V.} and Francesco Parisi-Presicce",

year = "2004",

month = jan,

day = "1",

doi = "10.1007/1-4020-8128-6_9",

language = "English",

isbn = "1402081278",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer New York LLC",

pages = "125--141",

booktitle = "Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security",

note = "IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security ; Conference date: 25-07-2004 Through 28-07-2004",

}

Gudes, E, Mancini, LV & Parisi-Presicce, F 2004, Information flow analysis for file systems and databases using labels. in Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security. IFIP Advances in Information and Communication Technology, vol. 144, Springer New York LLC, pp. 125-141, IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security, Sitges, Catalonia, Spain, 25/07/04. https://doi.org/10.1007/1-4020-8128-6_9

Information flow analysis for file systems and databases using labels. / Gudes, Ehud; Mancini, Luigi V.; Parisi-Presicce, Francesco.
Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security. Springer New York LLC, 2004. p. 125-141 (IFIP Advances in Information and Communication Technology; Vol. 144).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Information flow analysis for file systems and databases using labels

AU - Gudes, Ehud

AU - Mancini, Luigi V.

AU - Parisi-Presicce, Francesco

PY - 2004/1/1

Y1 - 2004/1/1

N2 - The control of information flow has been used to address problems concerning the privacy and the secrecy of data. A model based on decentralized labels extends traditional multilevel security models by allowing users to declassify information in a distributed way. We extend this decentralized labels model developed by other authors by addressing specific issues that arise in accessing files and databases and in general in I/O operations. While retaining the support for static analysis, we also include run-time checks to allow declassification with "controlled information leakage".

AB - The control of information flow has been used to address problems concerning the privacy and the secrecy of data. A model based on decentralized labels extends traditional multilevel security models by allowing users to declassify information in a distributed way. We extend this decentralized labels model developed by other authors by addressing specific issues that arise in accessing files and databases and in general in I/O operations. While retaining the support for static analysis, we also include run-time checks to allow declassification with "controlled information leakage".

UR - http://www.scopus.com/inward/record.url?scp=84902493767&partnerID=8YFLogxK

U2 - 10.1007/1-4020-8128-6_9

DO - 10.1007/1-4020-8128-6_9

M3 - Conference contribution

AN - SCOPUS:84902493767

SN - 1402081278

SN - 9781402081279

T3 - IFIP Advances in Information and Communication Technology

SP - 125

EP - 141

BT - Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security

PB - Springer New York LLC

T2 - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security

Y2 - 25 July 2004 through 28 July 2004

ER -

Gudes E, Mancini LV, Parisi-Presicce F. Information flow analysis for file systems and databases using labels. In Research Directions in Data and Applications Security XVIII - IFIP TC11/WG11.3 18th Annual Conference on Data and Applications Security. Springer New York LLC. 2004. p. 125-141. (IFIP Advances in Information and Communication Technology). doi: 10.1007/1-4020-8128-6_9

Information flow analysis for file systems and databases using labels

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this